Signal Brief · Archived
Week of October 30, 2023
The Week's Public Record
Events
2023-11-05
research poc
Research PoC Bypasses EasyAntiCheat Kernel Integrity ChecksEasyAntiCheat Integrity Check Bypass
A proof-of-concept demonstrates bypassing EasyAntiCheat's kernel-mode integrity checks by patching both the live driver and its hidden copy in memory. The technique uses undocumented Windows APIs to locate the copy pool and modify it, preventing detection of tampering.
2023-11-01
vuln disclosure
CVE-2023-5847: Tenable Nessus Privilege Escalation VulnerabilityCVE-2023-5847
A privilege escalation vulnerability was disclosed in Tenable Nessus. The flaw could allow an attacker to gain elevated privileges on the system where the Nessus agent is installed. This matters because Nessus is a widely used vulnerability scanner, and compromise of its agent could lead to broader network access.
2023-10-31
vuln disclosure
Atera Agent Package Availability Privilege Escalation via DLL HijackingCVE-2023-37243
CVE-2023-37243 is a local privilege escalation vulnerability in Atera Agent Package Availability for Windows. The executable Agent.Package.Availability.exe runs as SYSTEM on reboot and is susceptible to DLL hijacking due to insecure folder permissions. A standard user can place a malicious DLL in the folder to gain SYSTEM privileges.
Every event in this brief is a record in ColdRecon's canonical set, drawn from public open-source reporting and linked to its source. This is the general, non-personalized signal — published 7 days after the fact. The live daily brief, written for your deals, is for cleared officers.